Trust Assessment
baidu-baike-search received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Unsanitized user input in URL parameters.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unsanitized user input in URL parameters The `baidu_baike.sh` script directly interpolates user-provided arguments (`$TITLE`, `$ID`, `$TOP_K`) into the `curl` command's URL without proper URL encoding. This allows an attacker to inject arbitrary URL parameters, potentially altering the API request's behavior, or causing unexpected errors. For example, an input like `foo&malicious_param=value` for `TITLE` would result in `search_key=foo&malicious_param=value` being sent to the API. This vulnerability exists in the 'search' (line 20), 'search_by_id' (line 29), and 'list_by_title' (line 39) actions. URL-encode all user-provided parameters (`$TITLE`, `$ID`, `$TOP_K`) before interpolating them into the `curl` command's URL. A robust URL encoding function should be used to escape special characters like `&`, `=`, `?`, `/`, etc. For example, in bash, one could use a function that leverages `python -c 'import urllib.parse; print(urllib.parse.quote_plus(sys.argv[1]))'` or a custom bash function to encode the values. | LLM | scripts/baidu_baike.sh:20 |
Scan History
Embed Code
[](https://skillshield.io/report/5ffe7f3a0e36ccc5)
Powered by SkillShield